<?php
	require_once('include/user.class.php');
	require_once('include/database.class.php');
	function getSalt() {
		$length = 16;
		$characters = '0123456789abcdefghijklmnopqrstuvwxyz';
		$string = '';    
		for ($p = 0; $p < $length; $p++) {
			$string .= $characters[mt_rand(0, strlen($characters))];
		}
		return $string;
	}
	
	User::start();
	$db = new Database();
	if(User::isAdmin()) $isAdmin = 'true';
	else $isAdmin = 'false';
	

	
	if (isset($_POST['login'])&&isset($_POST['imie'])&&isset($_POST['nazwisko'])&&isset($_POST['mail'])&&isset($_POST['pass']))
	{
		try
		{
			$salt = getSalt();
			$db->query('INSERT INTO uzytkownicy(login,imie,nazwisko,mail,hash,salt,czy_admin,czy_aktywny) VALUES(\''.addslashes($_POST['login']).'\',\''.addslashes($_POST['imie']).'\',\''.addslashes($_POST['nazwisko']).'\',\''.addslashes($_POST['mail']).'\',\''.addslashes(md5(md5($_POST['pass']).md5($_POST['pass'].$salt))).'\',\''.addslashes($salt).'\','.$isAdmin.',true)');
			header("Location: index.php?addeduser=yes");
		}
		catch(Exception $e)
		{
			header("Location: index.php?addeduser=no&err=".base64_encode($e->getMessage()));
		}
	}
	else header("Location: index.php?addeduser=no");
?>